Effective CISSP Questions

Your company implemented a biometric-based system to control access to the computer room. When the threshold (1 to 10) is set to 5, both the False Acceptance Rate (FAR) and False Rejection Rate (FRR) are 5 out of 10. Which of the following is the best configuration to enforce the physical security of the computer room? (Wentz QOTD)
A. Lower the Crossover Error Rate (CER)
B. Raise the Equal Error Rate (EER)
C. Lower the sensitivity
D. Raise the threshold

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is D. Raise the threshold.

Wentz’s book, The Effective CISSP: Security and Risk Management, helps CISSP and CISM aspirants build a solid conceptual security model. It is a tutorial for information security and a supplement to the official study guides for the CISSP and CISM exams, and an informative reference for security professionals.

Source: (ISC)² Community

In the context of biometric-based systems, the terms sensitivity and threshold are commonly used interchangeably, as are CER and EER. The lower the Crossover Error Rate (CER) or Equal Error Rate (EER), the fewer mistakes a biometric system makes.

To change (lower or raise) the CER or EER implies replacing the biometric system or device, not configuring it: the CER or EER cannot be “configured” by customers. Customers can adjust or configure the “sensitivity” or “threshold” to change the FAR and FRR according to their security needs.

  • Lowering the sensitivity/threshold means requiring fewer matched biometric patterns, which increases the FAR, decreases the FRR, and results in more convenience.
  • Raising the sensitivity/threshold means requiring more matched biometric patterns, which increases the FRR, decreases the FAR, and results in more security.
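The following is an added example, not code from the original post: a toy threshold sweep over constructed match scores on the question's 1 to 10 scale. It shows that the threshold only moves the system along its FAR/FRR curve (raising it lowers FAR and raises FRR), while the crossover point (CER/EER) is a property of the matcher and data and cannot be configured. The score lists and function names are assumptions.

```python
"""Toy biometric threshold sweep: FAR/FRR per threshold and the crossover point."""

# Constructed sample data (hypothetical): scores a matcher produced for
# enrolled users (genuine) and for people who are not enrolled (impostors).
GENUINE = [10, 9, 9, 8, 7, 6, 5, 4, 4, 3]
IMPOSTOR = [1, 2, 2, 3, 3, 4, 4, 5, 5, 6]

THRESHOLDS = range(1, 11)  # same 1..10 scale as the question


def error_rates(threshold, genuine=GENUINE, impostor=IMPOSTOR):
    """Return (FAR, FRR) for one threshold; a score is accepted if >= threshold.

    FAR: fraction of impostor scores that are accepted.
    FRR: fraction of genuine scores that are rejected.
    """
    far = sum(s >= threshold for s in impostor) / len(impostor)
    frr = sum(s < threshold for s in genuine) / len(genuine)
    return far, frr


def sweep(genuine=GENUINE, impostor=IMPOSTOR, thresholds=THRESHOLDS):
    """Map every threshold setting to its (FAR, FRR) pair."""
    return {t: error_rates(t, genuine, impostor) for t in thresholds}


def crossover(genuine=GENUINE, impostor=IMPOSTOR, thresholds=THRESHOLDS):
    """Threshold where FAR and FRR are closest; the rate there is the CER/EER.

    The CER/EER is fixed by the matcher and the population: changing the
    threshold only picks a different point on the same curve.
    """
    rates = sweep(genuine, impostor, thresholds)
    best = min(rates, key=lambda t: abs(rates[t][0] - rates[t][1]))
    far, frr = rates[best]
    return best, (far + frr) / 2


def raise_threshold(current):
    """Answer D from the question: tighten by one step and report the effect
    (FAR should fall, FRR should rise, i.e. more security, less convenience)."""
    before, after = error_rates(current), error_rates(current + 1)
    return {"far_before": before[0], "far_after": after[0],
            "frr_before": before[1], "frr_after": after[1]}


if __name__ == "__main__":
    for t, (far, frr) in sweep().items():
        print(f"threshold={t:2d}  FAR={far:.1f}  FRR={frr:.1f}")
    print("crossover (threshold, CER/EER):", crossover())
    print("raise threshold from 5 to 6:", raise_threshold(5))
```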


Your company implemented a biometric-based system to control access to the computer room. When the threshold (1 to 10) is set to 5, both the False Acceptance Rate (FAR) and the False Rejection Rate (FRR) are 5 out of 10. Which of the following is the best configuration to strengthen the physical security of the computer room? (Wentz QOTD)
A. Lower the Crossover Error Rate (CER)
B. Raise the Equal Error Rate (EER)
C. Lower the sensitivity
D. Raise the threshold

1 thought on “CISSP PRACTICE QUESTIONS – 20210624”

  1. Pingback: False Acceptance Rate (FAR) and False Rejection Rate (FRR) – Choson資安大小事
